Date: Thu, 30 Jul 2009 22:27:32 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: get the password of windows XP
On Tue, Jul 28, 2009 at 12:11:56PM +0530, jith wrote:
> I am new guy to use john the ripper
> i want to crack the windows XP password
> i have the SAM system security file from c:\windows\system32\config
> using saminside i got the ntlm and lm hashes
> then how can i get the password from those file....
What does your file look like?
JtR will load files that are in PWDUMP output format. The lines should
look like:
Administrator:500:E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:::
In the above example, the 3rd field is the LM hash and the 4th field is
the NTLM hash. The corresponding password is "password". When you run
JtR on a file containing the above line, it cracks the LM hash:
$ john pw
Loaded 2 password hashes with no different salts (LM DES [64/64 BS MMX])
PASSWOR (Administrator:1)
D (Administrator:2)
guesses: 2 time: 0:00:00:00 100% (2) c/s: 466914 trying: MIMING - D
To crack the NTLM hash (and thus get the case-sensitive password), use
the recipe given in the following posting:
http://www.openwall.com/lists/john-users/2006/07/08/2
Alexander
--
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.